Spam Filter ISP Support Forum

  New Posts New Posts RSS Feed - Safe to block SPF softfail?
  FAQ FAQ  Forum Search   Register Register  Login Login

Safe to block SPF softfail?

 Post Reply Post Reply
Author
Altras View Drop Down
Guest Group
Guest Group
Post Options Post Options   Thanks (0) Thanks(0)   Quote Altras Quote  Post ReplyReply Direct Link To This Post Topic: Safe to block SPF softfail?
    Posted: 09 April 2006 at 12:14am

Just wondering.... if it's considered safe to

block incoming email when SPF test is "softfail"???

Any thoughts from folks who have tested in real world??

I personally, block "Fail" tests only, however want to be more

proactive.

Much appreciate your reply

Al

Back to Top
sgeorge View Drop Down
Senior Member
Senior Member


Joined: 23 August 2005
Status: Offline
Points: 178
Post Options Post Options   Thanks (0) Thanks(0)   Quote sgeorge Quote  Post ReplyReply Direct Link To This Post Posted: 09 April 2006 at 9:32pm

Hi Altras, in my own opinion, it's not safe to block softfails.  Mail admins who create their SPF rules can have a number of reasons for identifying their records to probably list valid sending addresses (with ~all) instead of definitely listing all valid sending addresses (with -all).

Softfail matches can occur for a number of reasons other that the message being from an inappropriate sender:

  • The mail admin may have recently created a SPF record, and may need to test it's accuracy before creating a more definitive SPF record
  • The potential list of systems that may legitimately send email from the domain may be too dynamic or complex for the admin to create an accurate list
  • Or maybe they received too many reports of their legitimate outgoing email being incorrectly identified with SPF hardfails, and their lazy approach to solving the problem is to loosen the strength of their SPF rules, without revising the list of addresses in the rules.

Ideally, you could identify a softfail with a lower confidence level that the message is from the alleged sender.  For now, I give all softfails the benefit of the doubt for my domain.  But that’s just my take.

Stephen

Back to Top
lyndonje View Drop Down
Senior Member
Senior Member
Avatar

Joined: 31 January 2006
Location: United Kingdom
Status: Offline
Points: 192
Post Options Post Options   Thanks (0) Thanks(0)   Quote lyndonje Quote  Post ReplyReply Direct Link To This Post Posted: 18 April 2006 at 6:46am
At present I block on softails.

I decided that if it caused me a big problem I would default back to block only hardfails.

So far I've had no complaints, and in my view, if admins are too lazy to publish a correct SPF, and to make their lives easier publish a ~all, then its the same as a admin being lazy and not closing relay etc. In which case, why bother having an SPF record at all if they arent going to administer it correclty and ultimately publish a -all.

I do understand that some people maybe in 'testing' phase, which I do understand, and would not class these admins as lazy. But if a legitimate user complained to their IT dept that they were blocked, which was caused by a soft tail, the IT guy would then go, 'Oh right, lets add your IP to our SPF record' - in effect sorting the problem and helping the senders IT dept complete their SPF record.

Another thing to think about, how many spams do you get that are reportedly from hotmail.com and the like? As hotmail have a ~all, me blocking softtails blocks more spam (from reported sources such as hotmail.com) than false positives. I can understand why hotmail may have a softtail, and in my opinion it is to save them the head ache of any people that may complain who also have a mail client to send mail out using their hotmail address. So by hotmail doing this they're passing the ownous onto us. If such a user then contacted us, it would be for us to say 'If you're using your hotmail address you should use the hotmail web site'. In other words, Hotmail are wanting us to make the stance rather than them, which probably suites them fine.

Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down



This page was generated in 0.297 seconds.